Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/sBRsLEVhhvHPqAAiLZZE19E1q3A.roa
File: sBRsLEVhhvHPqAAiLZZE19E1q3A.roa (raw, json)
Hash identifier: 28JFhYi84my3ZZQCm352URW29doTRuwQ83euQ7kfJQc=
Subject key identifier: B0:14:6C:2C:45:61:86:F1:CF:A8:00:22:2D:96:44:D7:D1:35:AB:70
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C77C657DF7DAC1A9D4BE48CBF7F4A24CF
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/sBRsLEVhhvHPqAAiLZZE19E1q3A.roa
Signing time: Thu 19 Feb 2026 21:20:13 +0000
ROA not before: Thu 19 Feb 2026 21:20:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213877
IP address blocks: 64.188.73.0/24 maxlen: 24
64.188.75.0/24 maxlen: 24
64.188.92.0/22 maxlen: 24
64.188.96.0/24 maxlen: 24
64.188.97.0/24 maxlen: 24
64.188.112.0/23 maxlen: 24
64.188.116.0/23 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
77.239.100.0/22 maxlen: 24
77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
77.239.122.0/24 maxlen: 24
77.239.123.0/24 maxlen: 24
144.31.26.0/23 maxlen: 24
144.31.64.0/22 maxlen: 24
144.31.68.0/22 maxlen: 24
144.31.72.0/22 maxlen: 24
144.31.76.0/22 maxlen: 24
144.31.86.0/23 maxlen: 24
144.31.89.0/24 maxlen: 24
144.31.104.0/23 maxlen: 24
144.31.114.0/23 maxlen: 24
144.31.120.0/23 maxlen: 24
144.31.137.0/24 maxlen: 24
144.31.192.0/23 maxlen: 24
144.31.198.0/23 maxlen: 24
144.31.226.0/23 maxlen: 24
144.31.228.0/23 maxlen: 24
144.31.244.0/23 maxlen: 24
144.31.246.0/23 maxlen: 24
144.31.252.0/23 maxlen: 24
144.31.254.0/23 maxlen: 24
150.241.86.0/24 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:77:c6:57:df:7d:ac:1a:9d:4b:e4:8c:bf:7f:4a:24:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 19 21:20:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0146c2c456186f1cfa800222d9644d7d135ab70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:94:41:54:1a:53:5b:c6:5c:f2:dd:cb:cc:4a:
09:67:36:4e:36:3a:5a:e0:34:2c:47:6d:1c:85:8b:
9c:13:9e:f8:24:0d:61:dd:7f:67:46:34:4f:d8:8d:
9f:a0:4f:3e:4e:7a:17:40:2f:21:2a:fe:43:11:41:
85:b0:79:b1:bf:22:33:61:f1:a4:ac:08:0b:47:c9:
e5:30:d9:76:9e:ca:34:99:fb:83:64:a4:bd:9f:56:
1a:61:f7:d9:1e:07:d7:24:ea:8e:b7:2f:17:65:b8:
dd:fa:6d:93:e5:8e:fd:ef:17:3e:ae:5f:f0:b9:c9:
38:20:3a:eb:dd:9a:b1:26:62:d4:c9:cd:9a:14:ec:
99:3d:46:9d:1d:48:73:36:dd:38:71:00:81:07:95:
11:5b:25:02:e5:d4:6d:83:e5:4a:24:20:98:a0:50:
4b:33:5c:e5:42:75:ae:b8:f3:1c:9a:dd:7d:00:c4:
bb:68:57:ae:44:ae:bf:bf:14:3f:a4:a6:be:9c:87:
15:14:c4:e8:be:12:39:86:e7:d1:3c:b9:57:17:32:
58:8c:8e:54:0c:8e:7e:5e:b3:2f:59:04:ea:14:ef:
37:51:96:46:0b:12:f0:7a:d2:82:e7:5a:24:d4:c9:
80:ac:cd:de:e3:f0:ec:11:fd:73:40:64:26:f4:82:
6e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:14:6C:2C:45:61:86:F1:CF:A8:00:22:2D:96:44:D7:D1:35:AB:70
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/sBRsLEVhhvHPqAAiLZZE19E1q3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.73.0/24
64.188.75.0/24
64.188.92.0-64.188.97.255
64.188.112.0/23
64.188.116.0/23
64.188.124.0-64.188.126.255
77.239.100.0-77.239.105.255
77.239.122.0/23
144.31.26.0/23
144.31.64.0/20
144.31.86.0/23
144.31.89.0/24
144.31.104.0/23
144.31.114.0/23
144.31.120.0/23
144.31.137.0/24
144.31.192.0/23
144.31.198.0/23
144.31.226.0-144.31.229.255
144.31.244.0/22
144.31.252.0/22
150.241.86.0/24
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
72:71:99:56:96:7a:da:af:a1:a2:7a:89:71:78:9a:3b:2a:35:
9f:de:5f:e0:93:65:c8:98:b6:81:8b:8a:2a:0c:91:a6:5b:fc:
52:77:11:90:0d:a6:ec:c1:2d:3e:ee:69:cd:a7:1f:6c:0f:76:
06:b3:ec:77:81:ba:65:4c:ce:fa:fc:47:72:57:74:8f:ba:f2:
02:e0:b8:ef:25:7e:c2:a4:9a:0e:97:ce:15:6d:69:60:a6:c0:
9e:3d:94:4d:7f:5d:41:ad:08:7a:72:6e:5c:a3:be:a5:42:03:
7a:d8:c8:b9:b0:48:76:55:c5:42:34:ff:ba:a1:fe:e1:3a:96:
ee:dd:cb:05:01:5a:0a:ee:69:78:02:6d:75:1e:c2:9a:64:d1:
80:21:fd:99:69:b1:4e:9d:ed:25:a9:e6:ca:7b:8a:19:ef:7d:
e1:a3:b5:4b:ed:b5:34:53:f9:25:47:1c:11:5c:c1:8b:37:04:
f6:c3:0a:30:a9:cf:77:b9:cb:68:50:1c:c9:1f:4d:0f:5b:57:
f2:59:e9:09:a5:41:cb:e6:9f:8c:9b:d2:83:57:05:5c:8c:68:
17:ab:5e:6b:3c:27:2c:d7:bf:cf:f9:53:68:36:f3:38:38:fa:
f4:ae:56:69:76:d9:1a:88:6b:42:3d:89:75:5f:43:49:4a:b1:
6f:fc:70:48
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZx3xlfffawanUvkjL9/SiTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjE5MjEyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDE0NmMyYzQ1NjE4NmYxY2ZhODAwMjIyZDk2NDRkN2QxMzVhYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJRBVBpTW8Zc8t3LzEoJZzZONjpa
4DQsR20chYucE574JA1h3X9nRjRP2I2foE8+TnoXQC8hKv5DEUGFsHmxvyIzYfGk
rAgLR8nlMNl2nso0mfuDZKS9n1YaYffZHgfXJOqOty8XZbjd+m2T5Y797xc+rl/w
uck4IDrr3ZqxJmLUyc2aFOyZPUadHUhzNt04cQCBB5URWyUC5dRtg+VKJCCYoFBL
M1zlQnWuuPMcmt19AMS7aFeuRK6/vxQ/pKa+nIcVFMTovhI5hufRPLlXFzJYjI5U
DI5+XrMvWQTqFO83UZZGCxLwetKC51ok1MmArM3e4/DsEf1zQGQm9IJuHQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFLAUbCxFYYbxz6gAIi2WRNfRNatwMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvc0JSc0xFVmhodkhQcUFBaUxaWkUxOUUxcTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBABA
vEkDBABAvEswDAMEAkC8XAMEAUC8YAMEAUC8cAMEAUC8dDAMAwQCQLx8AwQAQLx+
MAwDBAJN72QDBAFN72gDBAFN73oDBAGQHxoDBASQH0ADBAGQH1YDBACQH1kDBAGQ
H2gDBAGQH3IDBAGQH3gDBACQH4kDBAGQH8ADBAGQH8YwDAMEAZAf4gMEAZAf5AME
ApAf9AMEApAf/AMEAJbxVgMEAJbxaQMEAJbxbAMEAJbxewMEAbm4egMEALnPhTAN
BgkqhkiG9w0BAQsFAAOCAQEAcnGZVpZ62q+honqJcXiaOyo1n95f4JNlyJi2gYuK
KgyRplv8UncRkA2m7MEtPu5pzacfbA92BrPsd4G6ZUzO+vxHcld0j7ryAuC47yV+
wqSaDpfOFW1pYKbAnj2UTX9dQa0IenJuXKO+pUIDetjIubBIdlXFQjT/uqH+4TqW
7t3LBQFaCu5peAJtdR7CmmTRgCH9mWmxTp3tJanmynuKGe994aO1S+21NFP5JUcc
EVzBizcE9sMKMKnPd7nLaFAcyR9ND1tX8lnpCaVBy+afjJvSg1cFXIxoF6teazwn
LNe/z/lTaDbzODj69K5WaXbZGohrQj2JdV9DSUqxb/xwSA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:08:37 2026 by rpki-client